Slion 1,201 Posted September 7, 2021 Author Share Posted September 7, 2021 3 minutes ago, VaZso said: I have an option in recovery to reboot to recovery anyway. Yes, it is indeed in the Advanced menu. Quote Link to post Share on other sites
Rob. S. 1,663 Posted September 7, 2021 Share Posted September 7, 2021 7 hours ago, raymo said: I don't know but in my phone I never sideload Gapps after OTA update, but Magisk every time. Just for the record, after I decided to install LOS 18.1 with Magisk when I moved to 18.1 after had been using a non-rooted LOS 16.1, the first thing I tried was to just install the next OTA and see what comes out of it, and both GApps and Magisk were still there and working after the reboot. Has been that way for me ever since. 1 Quote Link to post Share on other sites
raymo 177 Posted September 8, 2021 Share Posted September 8, 2021 (edited) 17 hours ago, Rob. S. said: Just for the record, after I decided to install LOS 18.1 with Magisk when I moved to 18.1 after had been using a non-rooted LOS 16.1, the first thing I tried was to just install the next OTA and see what comes out of it, and both GApps and Magisk were still there and working after the reboot. Has been that way for me ever since. Really ? since LOS17 I have to flash magisk at every OTA update. For Gapps I never reflash it. edit : to clarify the whole things, this mean A/B slots are just for wiping partitions, (like a "transfer") but there are many slots, physically talking ? and so the priority order when flashing roms, Gapps, Magisk, etc... decide if it will be persistent on next update ? Edited September 8, 2021 by raymo 1 Quote Link to post Share on other sites
Hook 3,031 Posted September 8, 2021 Share Posted September 8, 2021 My results are the same as @Rob. S. No need to reflash either Magisk (used for SU only) or Gapps after OTA. 1 Quote Link to post Share on other sites
raymo 177 Posted September 8, 2021 Share Posted September 8, 2021 ok I just remember, I have installed Magisk via the .apk, this mean, if I reinstall Magisk via sideload it will do the trick ? (If I understant correctly, magisk.apk could also be magisk.zip, I've just to rename it and sideload via adb). 1 Quote Link to post Share on other sites
Hook 3,031 Posted September 8, 2021 Share Posted September 8, 2021 44 minutes ago, raymo said: ok I just remember, I have installed Magisk via the .apk, this mean, if I reinstall Magisk via sideload it will do the trick ? (If I understant correctly, magisk.apk could also be magisk.zip, I've just to rename it and sideload via adb). Yes, that is how I have installed Magisk. 1 Quote Link to post Share on other sites
Sean McCreary 328 Posted September 17, 2021 Share Posted September 17, 2021 For those of you who are self-building, I thought I should provide some info about where to find the monthly ASB patches. Google is currently backporting security patches to all releases since Oreo (Android 8.1), and there is a simple way to cherry-pick these patches from the AOSP source tree. You'll need to have synced the full tree first, following the instructions at https://source.android.com/setup/build/downloading tl;dr repo init -u https://android.googlesource.com/platform/manifest -b master repo sync Once you have the full tree, you can easily display the patches included in each ASB by listing all of the commits between the current and the last security tag. For example, to list all the commits for the September 2021 ASB in Android 10: repo forall -pc git log --oneline android-security-10.0.0_r57..android-security-10.0.0_r58 | grep -v 'Merge cherrypicks of \[' | less This produces the following concise list: Quote project build/make/ ef0f74de59 Version bump to QSV1.210329.014 [core/build_id.mk] project external/libavc/ b70ba0e Decoder: Update check for increment u2_cur_slice_num project external/skia/ fa5458660a Only treat PNG_COLOR_TYPE_RGB as 565 project frameworks/base/ 8e697062d092 Don't attach private Notification to A11yEvent when user locked c64af40f7cf0 Improve ellipsize performance ab14dac312f2 DO NOT MERGE Add cross-user check for getDefaultSmsPackage(). 5dd2109eca6a Fix side effects of trace-ipc and dumpheap commands 4b747e6d3f29 Fix race condition between lockNow() and updateLockscreenTimeout 8fa3d1df4c2c [security] SubscriptionGroup is exposed to unprivileged callers project frameworks/native/ f43b65c1b Do not modify vector after getting references project frameworks/opt/telephony/ 30ebc474d [security] SubscriptionGroup is exposed to unprivileged callers 565c04e7a filter deviceIdentifiers for subscriptionInfo if callers without perm project packages/apps/Launcher3/ 8d0d38b67 Forward fix for: Set FLAG_IMMUTABLE flag on FirstScreenBroadcast PendingIntent. a69a4fa8b Set FLAG_IMMUTABLE flag on FirstScreenBroadcast PendingIntent. project packages/apps/Nfc/ 818ecc4b Add HIDE_NON_SYSTEM_OVERLAY_WINDOWS permission to Nfc project packages/apps/Settings/ 1e14a79fac RESTRICT AUTOMERGE Fix phishing attacks over Bluetooth due to unclear warning message 838e0b52c9 RESTRICT AUTOMERGE Update string project system/bt/ 5c72690ad SMP: Reject pairing if public_key.x match Now you no longer need to wait for LineageOS to update their trees! 😉 For the September ASB, these are the relevant branches and tags for each Android release: Version Branch Tag 15.1 oreo-mr1-security-release android-security-8.1.0_r92 16.0 pie-security-release android-security-9.0.0_r72 17.1 android10-security-release android-security-10.0.0_r58 1 7 Quote Link to post Share on other sites
Slion 1,201 Posted September 18, 2021 Author Share Posted September 18, 2021 (edited) If like me you get stuck in a reboot loop after updating your ROM and no amount of GApps sideload can fix it, try that: https://gerrit.aicp-rom.com/c/AICP/device_google_wahoo/+/63092/1/device.mk https://source.android.com/devices/tech/config/perms-allowlist The logs during the reboot loop were mentioning: "Signature|privileged permissions not in privapp-permissions whitelist:" Basically I just added the following lines to my device.mk: # Bypass privapp-permissions whitelist PRODUCT_PROPERTY_OVERRIDES += \ ro.control_privapp_permissions=log Edited September 18, 2021 by Slion Quote Link to post Share on other sites
Sean McCreary 328 Posted September 18, 2021 Share Posted September 18, 2021 3 hours ago, Slion said: # Bypass privapp-permissions whitelist PRODUCT_PROPERTY_OVERRIDES += \ ro.control_privapp_permissions=log This has very obvious security implications, however. If you do this, you should be aware you are disabling some of the malware protection Google has built into Android. As an alternative, you might consider including gapps inside your custom OS image, like the OEMs do. For more details on how to do this, see: https://github.com/opengapps/aosp_build 1 1 Quote Link to post Share on other sites
Slion 1,201 Posted September 19, 2021 Author Share Posted September 19, 2021 (edited) 12 hours ago, Sean McCreary said: This has very obvious security implications, however. If you do this, you should be aware you are disabling some of the malware protection Google has built into Android. Me, I'm just happy it boots... However you have a point, if your phone does not boot I guess it's really secure 🥴 😁🤪 Edited September 19, 2021 by Slion 1 Quote Link to post Share on other sites
EskeRahn 5,464 Posted October 27, 2021 Share Posted October 27, 2021 On 9/1/2021 at 2:29 PM, daniel.schaaaf said: I did, and I appreciate(d) your instructions 🙂. Although I don't quite get why fxtec doesn't provide a signed driver ... Anyways, I only got fastboot to detect my phone. Any other command besides "fastboot devices" failed on Windows and Ubuntu, and all USB ports (four ports provided by four different controllers on my mainboard). Flashing boot.img (to boot, boot_a or boot_b) failed either because fastboot claimed the boot partition was too small, or because the phone stopped responding or rebooted. ADB worked without any problems. Did you find a workaround? I just got a new PC with Win 11, that requires drivers to be signed (unless going through all kind of hoops to loosen the security at bios-level to disable that). With the default windows driver ADB works just fine. But fastboot does not.... The driver I used on the previous PC (that worked fine) are not signed. I tried downloading from Google, but they aren't signed either. The force method mentioned on XDA does not work on Win 11. (I do not get the question to install it anyway, it is just denied) I have not tried all the manufacturer on the list. Does anyone know if if a Pro1 fastboot-wise acts as a more widespread device? Quote Link to post Share on other sites
EskeRahn 5,464 Posted October 27, 2021 Share Posted October 27, 2021 (I can get my old driver installed and working temporarily disabling the driver check as described in Fix 6 here, but that only last to next boot) Quote Link to post Share on other sites
daniel.schaaaf 177 Posted October 28, 2021 Share Posted October 28, 2021 15 hours ago, EskeRahn said: Did you find a workaround? I just got a new PC with Win 11, that requires drivers to be signed (unless going through all kind of hoops to loosen the security at bios-level to disable that). With the default windows driver ADB works just fine. But fastboot does not.... The driver I used on the previous PC (that worked fine) are not signed. I tried downloading from Google, but they aren't signed either. The force method mentioned on XDA does not work on Win 11. (I do not get the question to install it anyway, it is just denied) I have not tried all the manufacturer on the list. Does anyone know if if a Pro1 fastboot-wise acts as a more widespread device? No, I didn't find a workaround ... but I also stopped looking after a while Disabling the signature check in Windows did work, the driver installed correctly, but fastboot still refused to do more than list my device. I have no idea what else could be wrong and just hope that I never have to use fastboot ... 1 Quote Link to post Share on other sites
EskeRahn 5,464 Posted October 28, 2021 Share Posted October 28, 2021 27 minutes ago, daniel.schaaaf said: No, I didn't find a workaround ... but I also stopped looking after a while Disabling the signature check in Windows did work, the driver installed correctly, but fastboot still refused to do more than list my device. I have no idea what else could be wrong and just hope that I never have to use fastboot ... I had the same, but adding an ancient usb-hub at the least allowed me to do the flashing, though with the speed down at the least a factor of five... It takes a whole minute to flash the 64K boot-image, and sort of forever to flash the main image *LOL* So will see if I can find an old, but not THAT old hub, tucked away in a drawer somewhere... 1 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.